CN103957212A - Information leakage prevention method and system - Google Patents

Info

Publication number
CN103957212A
Authority
CN
China
Prior art keywords
interface
interface adapter
file server
wireless router
adapter
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201410185934.7A
Other languages
Chinese (zh)
Other versions
CN103957212B (en)
Inventor
张小亮
戚纪纲
王秀贞
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing Superred Technology Co Ltd
Original Assignee
Beijing Superred Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beijing Superred Technology Co Ltd
Priority to CN201410185934.7A
Publication of CN103957212A
Application granted
Publication of CN103957212B
Active (current legal status)
Anticipated expiration

Landscapes

  • Small-Scale Networks (AREA)

Abstract

The invention discloses an information leakage prevention method. The method comprises a first step of building a local area network and limiting the range in which an interface adapter can be used; a second step of configuring a PC and installing a driver management program for the interface adapter on the PC; a third step of configuring a wireless router and adding the MAC addresses of the interface adapters allowed in the local area network to the control list of the wireless router; a fourth step of setting up and configuring a file server, allocating corresponding storage space for the interface adapter on the file server and setting a login ID; and a fifth step of completing data storage. The invention further discloses an information leakage prevention system comprising the interface adapter, the PC, the wireless router and the file server. The PC connects to the wireless router through the interface adapter and then accesses the file server, and the file server provides the data storage service for the interface adapter. Because an interface adapter without a storage chip is used and data is stored on the file server, information leakage is eliminated at its root.

Description

An information leakage prevention method and system
Technical field
The present invention relates to the field of information security, and in particular to an information leakage prevention method and system.
Background art
Cross-use of removable storage media is the main cause of network leak incidents. In recent years, several network leak and theft-of-secrets cases in China, when traced to their source, were all closely related to the cross-use of removable storage media. Although some encrypted removable storage devices intended to prevent data leakage already exist on the market, the data is still stored on the FLASH chip of the removable storage device. However strongly the data on the FLASH chip is encrypted, no one can guarantee that the encryption algorithm has no security flaw, so once the removable storage device is lost, the encrypted data on it still faces the risk of leakage. In addition, some special settings impose stricter rules on the use of removable storage devices and generally allow them to be used only within a particular organization or location; ordinary removable storage devices have no means of enforcing such a restriction.
Summary of the invention
To address the information leakage problem in society today, the object of the invention is to prevent data loss by using an interface adapter that can only be used within a specific area and that stores data on a file server.
To achieve the above object, the invention provides an information leakage prevention method comprising the following steps. S1: build a local area network (LAN), limiting the range in which the interface adapter can be used, so that data can only be transferred within this LAN. S2: configure the PC by installing the interface adapter driver management program on it, which makes it possible for the PC to recognize the interface adapter and, once it is recognized, to connect to the wireless router. S3: configure the wireless router by adding the MAC addresses of the interface adapters allowed in the LAN to the wireless router's control list, which restricts which interface adapters can be used in the LAN. S4: set up and configure the file server, allocating a corresponding storage unit on it for the interface adapter and setting a login account; when data in the LAN is transferred by means of the interface adapter, the data is stored not in the interface adapter but on the file server, so losing the interface adapter does not result in data loss. S5: complete data storage.
Further, step S5 also comprises: S51, connect to the wireless router; S52, log in to the file server; S53, map the storage unit corresponding to the interface adapter; S54, store the data.
Further, the interface adapter described in steps S1-S5 comprises a wireless chip and an interface, where the interface comprises a USB interface, PCMCIA interface, 1394 interface, serial interface or parallel interface.
The invention also provides an information leakage prevention system comprising an interface adapter, a PC, a wireless router and a file server. The PC connects to the wireless router through the interface adapter and, once connected, accesses the file server; the file server provides data storage service for the interface adapter. By allocating corresponding storage space for the interface adapter on a file server inside the LAN, the invention prevents information leakage incidents caused by loss of the interface adapter.
Further, the interface adapter comprises a wireless chip and an interface, where the interface comprises a USB interface, PCMCIA interface, 1394 interface, serial interface or parallel interface. The interface connects to the PC, and the wireless chip connects the PC to the wireless router. The adapter's interface provides the connection to the PC, and the wireless chip gives the PC a wireless connection to the wireless router.
Further, the interface adapter driver management program is installed on the PC; when the interface adapter is plugged into the PC, the PC starts the driver management program and connects wirelessly to the wireless router. Installing the driver management program is what lets the PC recognize the interface adapter and connect to the wireless router.
Further, the wireless router's control list contains the MAC addresses of interface adapters. The wireless router uses the MAC addresses in the control list to control whether a PC may connect to it.
Further, the file server contains a data storage unit corresponding to the interface adapter, and the storage unit provides data storage for the interface adapter.
In the invention, the interface adapter may be a USB wireless network card, a PCI wireless network card, a PCMCIA wireless network card, or the like.
The beneficial effect of the invention is as follows: by using an interface adapter without a storage chip, the PC connects to the wireless router and then accesses the file server, where the data is stored. Loss of the interface adapter therefore cannot lead to the serious consequence of data loss, which makes the data more secure.
Brief description of the drawings
Fig. 1 is a structural diagram of the LAN information leakage prevention system of the invention;
Fig. 2 is a flow chart of completing a data transfer according to the invention. In the figures: 1 interface adapter, 2 PC, 3 wireless router, 4 file server.
Embodiment
The invention is described in further detail below through specific embodiments and with reference to the accompanying drawings.
The present invention also provides an information leakage prevention system comprising an interface adapter, a PC, a wireless router and a file server. The PC connects to the wireless router through the interface adapter and, once connected, accesses the file server; the file server provides data storage service for the interface adapter. The interface adapter comprises a wireless chip and an interface, where the interface comprises a USB interface, PCMCIA interface, 1394 interface, serial interface or parallel interface; the interface connects to the PC, and the wireless chip connects the PC to the wireless router. The interface adapter driver management program is installed on the PC; when the interface adapter is plugged into the PC, the PC starts the driver management program and connects wirelessly to the wireless router. The wireless router's control list contains the MAC addresses of interface adapters. The file server contains a data storage unit corresponding to the interface adapter, and the storage unit provides data storage for the interface adapter.
On the basis of this system, the invention also provides an information leakage prevention method comprising the following steps. S1: build a local area network (LAN), limiting the range in which the interface adapter can be used. S2: configure the PC, installing the interface adapter driver management program on the PC. S3: configure the wireless router, adding the MAC addresses of the interface adapters allowed in the LAN to the wireless router's control list. S4: set up and configure the file server, allocating corresponding storage space on it for the interface adapter. S5: use the interface adapter to store data, where step S5 further comprises: S51, connect to the wireless router; S52, log in to the file server; S53, map the storage unit corresponding to the interface adapter; S54, store the data. The interface adapter described in steps S1-S5 is an interface adapter without a storage chip.
First, the LAN is built and its underlying hardware is configured according to steps S1-S4 of the method provided by the invention; next, the file server is connected to according to step S5; finally, the file operations are completed.
We introduce the invention using the example of interface adapters that are USB wireless network cards U1, U2 and U3, and of copying file 1 on PC1 to PC2; the file server in the invention is an FTP file server.
The interface adapter driver management program (referred to below as the APP) is installed on all PCs in the LAN; the MAC addresses of U1 and U3 are added to the control list of the LAN's wireless router; on the FTP server, storage unit C1 is allocated to U1 and an account and password are set, both of which are set to the MAC address of U1.
Fig. 1 is a schematic diagram of the data storage process using the USB wireless network card of the invention. When the USB wireless network card is plugged into a PC in the LAN of the invention, the APP on the PC runs; if the APP is not installed on the PC, the PC does nothing. Once running, the APP first automatically sets up the network connection between the PC and the wireless router. If the MAC address of this USB wireless network card is in the wireless router's control list, the PC connects to the wireless router successfully; otherwise the APP prompts the user with "login failure" or "illegal device" and exits immediately. After the PC has connected to the wireless router, it accesses and logs in to the FTP file server. The APP logs in to the FTP file server using the MAC address of its USB wireless network card as both username and password; the FTP file server matches that MAC address against its accounts, and after a successful match the PC is logged in to the FTP file server. Otherwise the login to the FTP server fails, and the APP prompts "connection failure: illegal device" and exits. After a successful login to the FTP server, the APP creates a virtual USB wireless network card drive on the PC, and the storage directory allocated to the USB wireless network card on the FTP file server is mapped to this virtual drive. At this point the user's experience is the same as having plugged in a real USB wireless network card, and the user can perform ordinary file operations on this virtual USB wireless network card drive.
Case of using U1:
First, U1 is plugged into PC1 and the APP on PC1 runs. The APP automatically attempts to set up the network connection between the PC and the wireless router; because the MAC address of U1 is in the wireless router, the connection succeeds and PC1 is connected to the wireless router. At the same time, the APP logs in to the FTP file server using the MAC address of U1 as the login account; the FTP file server matches the MAC address of U1 against its accounts, the match succeeds, and PC1 is logged in to the FTP file server. The APP also creates a virtual interface adapter drive on PC1, and the FTP file server maps storage unit C1, allocated to U1, to this interface adapter drive.
Next, the user works in the virtual interface adapter directory and copies file 1 on PC1 into this interface adapter drive; file 1 is stored in C1. U1 is then unplugged and the APP exits.
Finally, U1 is plugged into PC2. PC2 logs in to the FTP file server in the same way as PC1 did above; the APP creates a virtual interface adapter drive on PC2, the FTP file server maps storage space C1 to the interface adapter drive on PC2, and file 1 in C1 is moved onto PC2.
Case of using U2:
U2 is plugged into PC1 and the APP attempts to set up the network connection between the PC and the wireless router. Because the MAC address of U2 is not in the wireless router's control list, the connection between U2 and the wireless router fails; the APP tells the user that this is an illegal device and exits immediately.
Case of using U3:
U3 is plugged into PC1 and the APP attempts to set up the network connection between the PC and the wireless router. Because the MAC address of U3 is in the wireless router's control list, the connection succeeds. Next, the APP logs in to the FTP file server using the MAC address of U3 as the login account. Because the MAC address of U3 is not in the account list of the FTP file server, the MAC address match with the FTP file server fails; the APP tells the user that this is an illegal device and exits.
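The U1, U2 and U3 cases above can be worked through in code. The following Python model of the two admission checks (router control list, then FTP account match) is an added example and not part of the patent; the class and function names and the sample MAC addresses are assumptions constructed for illustration, and the router and file server are modelled in memory rather than over a network.

```python
# Added illustration (not from the patent): the embodiment's two admission
# checks, modelled in memory. MAC addresses below are constructed samples.
import hmac
from dataclasses import dataclass, field


def norm_mac(mac: str) -> str:
    """Canonicalise a MAC so 'AA-BB-...' and 'aa:bb:...' compare equal."""
    digits = mac.replace(":", "").replace("-", "").lower()
    if len(digits) != 12 or any(c not in "0123456789abcdef" for c in digits):
        raise ValueError(f"not a MAC address: {mac!r}")
    return ":".join(digits[i:i + 2] for i in range(0, 12, 2))


@dataclass
class WirelessRouter:
    control_list: set = field(default_factory=set)  # filled in step S3

    def allow(self, mac: str) -> None:
        self.control_list.add(norm_mac(mac))

    def connect(self, mac: str) -> bool:
        return norm_mac(mac) in self.control_list


@dataclass
class FileServer:
    accounts: dict = field(default_factory=dict)  # username -> (password, unit)
    units: dict = field(default_factory=dict)     # unit name -> {filename: data}

    def add_account(self, mac: str, unit: str) -> None:
        # Step S4 as in the embodiment: account and password are both the MAC.
        m = norm_mac(mac)
        self.accounts[m] = (m, unit)
        self.units.setdefault(unit, {})

    def login(self, username: str, password: str):
        entry = self.accounts.get(username)
        if entry is None or not hmac.compare_digest(entry[0], password):
            return None
        return self.units[entry[1]]  # the directory that gets mapped (S53)


def plug_in(app_installed, adapter_mac, router, server):
    """Return (status, mapped_drive) for one adapter insertion (S51-S53)."""
    if not app_installed:
        return "no APP: PC does nothing", None
    if not router.connect(adapter_mac):
        return "illegal device", None
    cred = norm_mac(adapter_mac)
    drive = server.login(cred, cred)
    if drive is None:
        return "connection failure: illegal device", None
    return "mapped", drive


def run_embodiment():
    u1, u2, u3 = "02:00:00:00:00:01", "02:00:00:00:00:02", "02-00-00-00-00-03"
    router, server = WirelessRouter(), FileServer()
    router.allow(u1)                 # U1 and U3 are on the control list
    router.allow(u3)
    server.add_account(u1, "C1")     # only U1 has an account and unit C1
    results = {}
    status, drive = plug_in(True, u1, router, server)   # U1 on PC1
    drive["file1"] = b"contents of file 1"              # S54: lands in C1
    results["U1@PC1"] = status
    status, drive = plug_in(True, u1, router, server)   # U1 moved to PC2
    results["U1@PC2"] = (status, drive.get("file1"))
    results["U2"] = plug_in(True, u2, router, server)[0]
    results["U3"] = plug_in(True, u3, router, server)[0]
    results["no APP"] = plug_in(False, u1, router, server)[0]
    return results


if __name__ == "__main__":
    for case, outcome in run_embodiment().items():
        print(f"{case}: {outcome}")
```

In this model the FTP account and password are the same value as the router's control-list entry, so both checks depend on a single identifier. The user-defined login password that the description mentions as an alternative would change only `add_account` and the credential passed to `login`, making the second check independent of the first.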
Mapping a storage directory on the FTP file server to the virtual interface adapter drive can also be done with software such as NetDrive.
In the embodiment of the invention, the interface of the interface adapter is a USB interface, specifically a USB wireless network card; alternatively, the interface of the interface adapter may be another interface such as a PCMCIA interface, 1394 interface, serial port or parallel port, specifically a PCI wireless network card, a PCMCIA network card, or the like.
In all embodiments of the invention, the APP on the PC uses the MAC address of the interface adapter as the login account and login password with which the PC logs in to the FTP file server; alternatively, a user-defined login password in another form may be used.
In all embodiments of the invention, the PC may optionally not include a wireless network card, or may optionally include one. A PC that includes a wireless network card does not need the interface adapter's wireless connection to log in to the FTP file server; in this case, the interface adapter may optionally have no wireless chip.
The above are only preferred embodiments of the invention and do not limit it; for those skilled in the art, the invention may have various modifications and variations. Any modification, equivalent replacement, improvement and the like made within the spirit and principles of the invention shall fall within its scope of protection.

Claims (8)

1. An information leakage prevention method, characterized in that it comprises the following steps:
S1: build a local area network (LAN) and limit the range in which the interface adapter can be used;
S2: configure the PC, installing the interface adapter driver management program on the PC;
S3: configure the wireless router, adding the MAC addresses of the interface adapters allowed in the LAN to the wireless router's control list;
S4: set up and configure the file server, the file server being connected to the wireless router, allocating corresponding storage space on the file server for the interface adapter and setting a login account;
S5: complete data storage.
2. The method according to claim 1, characterized in that step S5 further comprises:
S51: connect to the wireless router;
S52: log in to the file server;
S53: map the storage unit corresponding to the interface adapter;
S54: store the data.
3. The method according to claim 1, characterized in that the interface adapter described in steps S1-S5 comprises a wireless chip and an interface, where the interface comprises a USB interface, PCMCIA interface, 1394 interface, serial interface or parallel interface.
4. An information leakage prevention system comprising an interface adapter, a PC, a wireless router and a file server, characterized in that the PC connects to the wireless router through the interface adapter, the PC accesses the file server after connecting to the wireless router, and the file server provides data storage service for the interface adapter.
5. The system according to claim 4, characterized in that the interface adapter comprises a wireless chip and an interface, where the interface comprises a USB interface, PCMCIA interface, 1394 interface, serial interface or parallel interface, the interface connects to the PC, and the wireless chip connects the PC to the wireless router.
6. The system according to claim 4, characterized in that the interface adapter driver management program is installed on the PC, the interface adapter is plugged into the PC, and the PC starts the interface adapter driver management program and connects wirelessly to the wireless router.
7. The system according to claim 4, characterized in that the wireless router's control list contains the MAC addresses of interface adapters.
8. The system according to claim 4, characterized in that the file server contains a data storage unit corresponding to the interface adapter, and the storage unit provides data storage for the interface adapter.
CN201410185934.7A 2014-05-06 2014-05-06 Information leakage prevention method Active CN103957212B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201410185934.7A CN103957212B (en) 2014-05-06 2014-05-06 Information leakage prevention method

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201410185934.7A CN103957212B (en) 2014-05-06 2014-05-06 Information leakage prevention method

Publications (2)

Publication Number Publication Date
CN103957212A true CN103957212A (en) 2014-07-30
CN103957212B CN103957212B (en) 2017-05-24

Family

ID=51334438

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201410185934.7A Active CN103957212B (en) 2014-05-06 2014-05-06 Information leakage prevention method

Country Status (1)

Country Link
CN (1) CN103957212B (en)

Also Published As

Publication number Publication date
CN103957212B (en) 2017-05-24

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant
CP01 Change in the name or title of a patent holder

Address after: 100081 floor 5, Fuhai international port, 17 Daliushu Road, Haidian District, Beijing

Patentee after: Beijing wanlihong Technology Co.,Ltd.

Address before: 100081 floor 5, Fuhai international port, 17 Daliushu Road, Haidian District, Beijing

Patentee before: BEIJING SUPERRED TECHNOLOGY Co.,Ltd.

CP01 Change in the name or title of a patent holder